The RFID Hackers Revealed – Real RFID Hacking

Outsmart Malicious Hackers


This a very interesting read, the tale of an RFID hacker.

I was always sceptical about RFID I have to say, when everything is tagged, criminals can just drive by your house and scan everything, see what TV you have, which DVD player, how many high value electrical goods, and choose which houses they want to burgle.

The governments can install RFID readers in lamposts everywhere to track your movements from the RFID tags in the underpants you just bought..

Am I being paranoid?

James Van Bokkelen is about to be robbed. A wealthy software entrepreneur, Van Bokkelen will be the latest victim of some punk with a laptop. But this won’t be an email scam or bank account hack. A skinny 23-year-old named Jonathan Westhues plans to use a cheap, homemade USB device to swipe the office key out of Van Bokkelen’s back pocket.

“I just need to bump into James and get my hand within a few inches of him,” Westhues says. We’re shivering in the early spring air outside the offices of Sandstorm, the Internet security company Van Bokkelen runs north of Boston. As Van Bokkelen approaches from the parking lot, Westhues brushes past him. A coil of copper wire flashes briefly in Westhues’ palm, then disappears.

The guy can clone the signal, then reverse it and play it back to the card reader in your office, bingo, he just broke in without raising any alarms.

Van Bokkelen enters the building, and Westhues returns to me. “Let’s see if I’ve got his keys,” he says, meaning the signal from Van Bokkelen’s smartcard badge. The card contains an RFID sensor chip, which emits a short burst of radio waves when activated by the reader next to Sandstorm’s door. If the signal translates into an authorized ID number, the door unlocks.

The coil in Westhues’ hand is the antenna for the wallet-sized device he calls a cloner, which is currently shoved up his sleeve. The cloner can elicit, record, and mimic signals from smartcard RFID chips. Westhues takes out the device and, using a USB cable, connects it to his laptop and downloads the data from Van Bokkelen’s card for processing. Then, satisfied that he has retrieved the code, Westhues switches the cloner from Record mode to Emit. We head to the locked door.

Source: Wired

Posted in: Hardware Hacking, Wireless Hacking

, ,


Latest Posts:


snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.


3 Responses to The RFID Hackers Revealed – Real RFID Hacking

  1. Howard May 19, 2006 at 6:52 am #

    Actually, I’m looking forward to a burglary-free future due to technology.

    Imagine if every high value item had a GPS locator in them. They could be battery powered, and only start broadcasting when the power was unplugged.

    And it doesn’t have to be GPS, could be done with triagulation between Wifi stations, bluetooth snarfing, cell phone towers, etc.

    Yes, the clever crooks could take precautions, but the burglars around where I live are nearly that clever…

  2. psst pssst December 12, 2007 at 9:20 pm #

    pssst, what about the security cameras

  3. Mai November 20, 2008 at 8:36 pm #

    the problem is that even when they add the tag they’re terrible at making things secure so you could probably just remove the tag or change the signal to be untraceable and technology also makes detectives more lazy so that they can’t do their job without the technology or the technical know how to keep it up